Apple releases iPhone update to fix Group FaceTime eavesdropping bug

Apple on Thursday released iOS 12.1.4, an iPhone update that fixes a Group FaceTime bug that allowed users to eavesdrop on each other. The update is a available for the iPhone 5S and later, iPad Air and later, and iPod touch 6th generation. Last week, Apple turned off Group FaceTime after a bug was identified that allowed iPhone users to call another device via the FaceTime video chat service and hear audio on the other end before the recipient had answered the call. It essentially turned any iPhone into a hot mic without the user’s knowledge.

Apple on Friday said it’d fixed the vulnerability on its servers and that it’d issue a software update to re-enable Group FaceTime. Apple also apologized to users who were affected and said it takes the security of its products “extremely seriously.”

Release notes for iOS 12.1.4 say a “logic issue existed” in Group FaceTime and that it was fixed “with improved state management.” As of 10 a.m. PT on Thursday, Apple’s System Status page notes that Group FaceTime service has been restored.

In addition to the Group FaceTime bug, Apple said it also fixed a previously unknown issue with the Live Photos feature of FaceTime.

“In addition to addressing the bug that was reported, our team conducted a thorough security audit of the FaceTime service and made additional updates to both the FaceTime app and server to improve security,” said a representative for Apple in an emailed statement. “This includes a previously unidentified vulnerability in the Live Photos feature of FaceTime. To protect customers who have not yet upgraded to the latest software, we have updated our servers to block the Live Photos feature of FaceTime for older versions of iOS and macOS.”